CPU | Breaking Cybersecurity News | The Hacker News

Semiconductor company AMD is warning of a new set of vulnerabilities affecting a broad range of chipsets that could lead to information disclosure. The flaws, collectively called Transient Scheduler Attacks (TSA), manifest in the form of a speculative side channel in its CPUs that leverage execution timing of instructions under specific microarchitectural conditions. "In some cases, an attacker may be able to use this timing information to infer data from other contexts, resulting in information leakage," AMD said in an advisory. The company said issues were uncovered as part of a study published by Microsoft and ETH Zurich researchers about testing modern CPUs against speculative execution attacks like Meltdown and Foreshadow by stress testing isolation between security domains such as virtual machines, kernel, and processes. Following responsible disclosure in June 2024, the issues have been assigned the below CVE identifiers - CVE-2024-36350 (CVSS score: 5.6) ...

One of the first malware samples tailored to run natively on Apple's M1 chips has been discovered, suggesting a new development that indicates that bad actors have begun adapting malicious software to target the company's latest generation of Macs powered by its own processors. While the transition to Apple silicon has necessitated developers to build new versions of their apps to ensure better performance and compatibility, malware authors are now undertaking similar steps to build malware that are capable of executing natively on Apple's new M1 systems, according to macOS Security researcher Patrick Wardle. Wardle detailed a Safari adware extension called GoSearch22 that was originally written to run on Intel x86 chips but has since been ported to run on ARM-based M1 chips. The rogue extension, which is a variant of the Pirrit advertising malware, was first seen in the wild on November 23, 2020, according to a sample  uploaded  to VirusTotal on December 27. "Tod...